Foundation Palette Writeup

By
Gincy Mol A G
Published on
20 Sep 2020
2 min read
DOMECTF2020

Story

Nancy has shared her new foundation palette with her colleague. She had a variety of shades in it. Do you like it?

Solution

colorme

Open the image in the GIMP editor, select the color picker tool in the tools menu, select each box from these 54 boxes by color picker.

The HTML notation in hexadecimal of these colors in 54 box will be:

        d6a064 d6a06f d6a06d d6a065 d6a063 d6a074 d6a066 d6a07b d6a04b
        d6a04d d6a04a d6a054 d6a047 d6a054 d6a046 d6a073 d6a064 d6a055
        d6a076 d6a064 d6a063 d6a055 d6a056 d6a04c d6a075 d6a042 d6a041
        d6a033 d6a062 d6a077 d6a075 d6a079 d6a030 d6a048 d6a038 d6a077
        d6a073 d6a04d d6a034 d6a034 d6a07d d6a020 d6a069 d6a073 d6a020
        d6a074 d6a068 d6a065 d6a020 d6a066 d6a06c d6a061 d6a067 d6a021
    

The last byte is different for all the colors, so arrange it into one:

        64 6f 6d 65 63 74 66 7b 4b
        4d 4a 54 47 54 46 73 64 55
        76 64 63 55 56 4c 75 42 41
        33 62 77 75 79 30 48 38 77
        73 4d 34 34 7d 20 69 73 20
        74 68 65 20 66 6c 61 67 21
    

When the hexadecimal value is converted into ASCII, the output will be:

domectf{KMJTGTFsdUvdcUVLuBA3bwuy0H8wsM44} and that’s your flag!

Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Gincy Mol A G
Gincy Mol A G
AI Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.